Skip to main content

Recommended Configurations for the Security Utilities Job Group

Dependencies

The RemoteOpenPort job must be must be successfully run prior to running the RetrieveNetstat job.

Targeted Hosts

  • OpenPortScan Job Group – There is no assigned host list for this job group. Configure a host list with any desired systems to be audited prior to running this job group. Both jobs in the OpenPortScan job group need to be assigned the same target host list.
  • SG_PowerShellCommands – All Windows Servers (No DCs)

Schedule Frequency

This job group can be scheduled to run as desired.

History Retention

  • SG_PowerShellCommands job – History is required and is turned on by default

Workflow

Step 1 – Ensure that the configured Connection Profile has local administrator privileges and Domain Admin privileges if targeting domain controllers.

Step 2 – Configure target hosts prior to running this job group.

Step 3 – Remotely execute a netstat command on the target hosts.

Step 4 – Schedule the Security Utilities job group to run as desired.

Step 5 – Review the reports generated by the jobs.